Optical cryptography systems and methods

ABSTRACT

Systems and methods for restoring or recovering linear polarization state of an optical signal as it exits the far end of an optical fiber are disclosed. The optical signal may have an expected pattern of polarization states through a birefringent material of the optical fiber from a first node to a second node. The optical signal may be received by the second node and resulting polarization states may be measured. In certain non-limiting examples, the measured polarization states may be compared to expected polarization states to determine a characterization angle indicative of an axis of the optical fiber.

CROSS REFERENCE TO RELATED APPLICATIONS/INCORPORATION BY REFERENCESTATEMENT

The present patent application incorporates by reference the entireprovisional patent application identified by U.S. Ser. No. 61/845,757,filed on Jul. 12, 2013, and claims priority thereto under 35 U.S.C.119(e).

BACKGROUND

Quantum cryptography uses quantum mechanical effects to performcryptographic tasks transmitting secure communications over networks.For example, using quantum key distribution (QKD), a securecommunication may be transmitted between two parties (usually referredto as Alice and Bob) using a predefined and shared key such that a thirdparty (usually referred to as Eve) is unable to identify the key.

There are generally two ways secure communications are currentlytransmitted using optical signals, through free space optics (FSO) orover a fiber optic network. Using polarization coding in FSO, a photonmay be transmitted between two parties, with the photon at a specificstate of polarization. Generally, if the parties know the state ofpolarization, the secure communication may be decoded.

In fiber optic networks, however, the state of polarization of a photonover an optical fiber may change during its passage through the fiber.In theory, optical fibers should preserve a state of polarization. Inpractice, however, a wave entering an optical fiber having a definitestate of polarization may come out on the other end with a differentrandom state of polarization due to micro-disturbances in the opticalfiber. This means that a linearly polarized incident optical signal maybecome elliptically polarized when it exits the fiber. As such, thecurrent art seeks to find alternative means to transmit securecommunications without relying on the state of polarization across afiber optic network.

Currently within the art, researchers are seeking to increase thetransmission speed of the secure communication between the two partiesusing quantum cryptography to increase speed of communications.Additionally, researchers are looking for cryptography protocols thatmay be communicated over large distance, use fewer resources, but stillhave enhanced security for transmission between the parties withoutinterference from an outside party due to man-in-the-middle attacks,photon siphoning attacks, plaintext-cipher text attacks, and the like.

BRIEF DESCRIPTION OF THE DRAWINGS

To assist those of ordinary skill in the relevant art in making andusing the subject matter hereof, reference is made to the appendeddrawings, which are not intended to be drawn to scale, and in which likereference numerals are intended to refer to similar elements forconsistency. For purposes of clarity, not every component may be labeledin every drawing. The embodiments depicted in the drawings are notintended to be limiting in regard to the presently disclosed inventiveconcepts.

FIG. 1 is a schematic view of a communication system including aplurality of nodes communicating via one or more communication links inaccordance with the present disclosure.

FIG. 2 is a schematic view of a node for use in the communication systemillustrated in FIG. 1.

FIG. 3 is an illustration of polarization states of an optical signal asthe optical signal passes through a birefringent optic fiber.

FIG. 4 is a schematic view of a first interface of a first nodecommunicating via a communication link with a second interface of asecond node in accordance with the present disclosure.

FIG. 5 is a schematic diagram of an exemplary embodiment of amulti-stage cryptography process for transmitting a secure communicationvia a communication link in accordance with the present disclosure.

FIG. 5a is a schematic diagram of an exemplary array of transformationsthat may be used in the multi-stage cryptography processes of FIG. 5 andFIG. 6.

FIG. 6 is a schematic diagram of an exemplary embodiment of themulti-stage cryptography process illustrated in FIG. 5 implemented overfree space optics (FSO) using passive optical components.

FIG. 7 is a schematic diagram of an exemplary single-state cryptographyprocess for transmitting a secure communication via a communication linkin accordance with the present disclosure.

FIG. 8 is diagrammatic view of a framing scheme for use in thesingle-stage cryptography process illustrated in FIG. 7.

FIG. 9 is a schematic diagram of an exemplary embodiment of thesingle-stage cryptography process illustrated in FIG. 7 implementedusing passive optical components.

DETAILED DESCRIPTION

Before explaining at least one embodiment of the presently disclosedinventive concepts in detail, it is to be understood that the disclosureis not limited in its application to the details of construction,experiments, exemplary data, and/or the arrangement of the componentsset forth in the following description or illustrated in the drawingsunless otherwise noted.

The disclosure is capable of other embodiments or of being practiced orcarried out in various ways. Also, it is to be understood that thephraseology and terminology employed herein is for purposes ofdescription, and should not be regarded as limiting unless otherwiseindicated as so. Moreover, in the following detailed description,numerous specific details are set forth in order to provide a morethorough understanding of the disclosure. However, it will be apparentto a person having ordinary skill in the art that the presentlydisclosed inventive concepts may be practiced without these specificdetails. In other instances, features which are well known to persons ofordinary skill in the art have not been described in detail to avoidunnecessary complication of the description.

Unless otherwise defined herein, scientific and technical terms used inconnection with the presently disclosed inventive concepts shall havethe meanings that are commonly understood by those having ordinary skillin the art. Further, unless otherwise required by context, singularterms shall include pluralities and plural terms shall include thesingular.

All patents, published patent applications, and non-patent publicationsmentioned in the specification are indicative of the level of skill ofthose skilled in the art to which the presently disclosed inventiveconcepts pertain. All patents, published patent applications, andnon-patent publications referenced in any portion of this applicationare herein expressly incorporated by reference in their entirety to thesame extent as if each individual patent or publication was specificallyand individually indicated to be incorporated by reference.

All of the devices and methods disclosed herein can be made and executedwithout undue experimentation in light of the present disclosure. Whilethe devices and methods of the presently disclosed inventive concepthave been described in terms of particular embodiments, it will beapparent to those of skill in the art that variations may be applied tothe devices and/or methods and in the steps or in the sequence of stepsof the method described herein without departing from the concept,spirit and scope of the inventive concepts. All such similar substitutesand modifications apparent to those of skilled in the art are deemed tobe within the spirit, scope and concept of the inventive concepts asdefined herein.

The following detailed description refers to the accompanying drawings.The same reference numbers in different drawings may identify the sameor similar elements.

Further, unless expressly stated to the contrary, “or” refers to aninclusive and not to an exclusive “or”. For example, a condition A or Bis satisfied by one of the following: A is true (or present) and B isfalse (or not present), A is false (or not present) and B is true (orpresent), and both A and B are true (or present).

The use of the word “a” or “an” when used in conjunction with the term“comprising” in the claims and/or the specification may mean “one,” butit is also consistent with the meaning of “one or more,” “at least one,”and “one or more than one.” The use of the term “or” in the claims isused to mean “and/or” unless explicitly indicated to refer toalternatives only or when the alternatives are mutually exclusive,although the disclosure supports a definition that refers to onlyalternatives and “and/or.” The use of the term “at least one” will beunderstood to include one as well as any quantity more than one,including but not limited to, 2, 3, 4, 5, 6, 7, 8, 9, 10, 15, 20, 30,40, 50, 100, or any integer inclusive therein. The term “at least one”may extend up to 100 or 1000 or more, depending on the term to which itis attached; in addition, the quantities of 100/1000 are not to beconsidered limiting, as higher limits may also produce satisfactoryresults. In addition, the use of the term “at least one of X, Y and Z”will be understood to include X alone, Y alone, and Z alone, as well asany combination of X, Y and Z.

As used in this specification and claim(s), the words “comprising” (andany form of comprising, such as “comprise” and “comprises”), “having”(and any form of having, such as “have” and “has”), “including” (and anyform of including, such as “includes” and “include”) or “containing”(and any form of containing, such as “contains” and “contain”) areinclusive or open-ended and do not exclude additional, unrecitedelements or method steps. For example, unless otherwise noted, aprocess, method, article, or apparatus that comprises a list of elementsis not necessarily limited to only those elements, but may also includeother elements not expressly listed or inherent to such process, method,article, or apparatus.

The term “or combinations thereof” as used herein refers to allpermutations and combinations of the listed items preceding the term.For example, “A, B, C, or combinations thereof” is intended to includeat least one of: A, B, C, AB, AC, BC, or ABC, and if order is importantin a particular context, also BA, CA, CB, CBA, BCA, ACB, BAC, or CAB.Continuing with this example, expressly included are combinations thatcontain repeats of one or more item or term, such as BB, AAA, AAB, BBC,AAABCCCC, CBBAAA, CABABB, and so forth. The skilled artisan willunderstand that typically there is no limit on the number of items orterms in any combination, unless otherwise apparent from the context.

As used herein, any reference to “one embodiment,” “an embodiment,”“some embodiments,” “one example,” “for example,” or “an example” meansthat a particular element, feature, structure or characteristicdescribed in connection with the embodiment is included in at least oneembodiment. The appearance of the phrase “in some embodiments” or “oneexample” in various places in the specification is not necessarily allreferring to the same embodiment, for example.

The term “about”, where used herein when referring to a measurable valuesuch as an amount, a temporal duration, and the like, is meant toencompass variations of ±20% or ±10%, or ±5%, or ±1%, or ±0.1% from thespecified value, as such variations are appropriate to perform thedisclosed methods and as understood by persons having ordinary skill inthe art. Throughout this application, the term “about” is used toindicate that a value includes the inherent variation of error formeasuring various parameters, such as the state of polarization of anoptical signal, the method used to securely pass data between nodes, orthe variation that exists when calibrating the nodes to securely passdata. Further, in this detailed description and the appended claims,each numerical value (e.g., temperature or time) should be read once asmodified by the term “about” (unless already expressly so modified), andthen read again as not so modified unless otherwise indicated incontext. Also, any range listed or described herein is intended toinclude, implicitly or explicitly, any number within the range,particularly all integers, including the end points, and is to beconsidered as having been so stated. For example, “a range from 1 to 10”is to be read as indicating each possible number, particularly integers,along the continuum between about 1 and about 10. Thus, even if specificdata points within the range, or even no data points within the range,are explicitly identified or specifically referred to, it is to beunderstood that any data points within the range are to be considered tohave been specified, and that the inventors possessed knowledge of theentire range and the points within the range.

As used herein, the term “substantially” means that the subsequentlydescribed event or circumstance completely occurs or that thesubsequently described event or circumstance occurs to a great extent ordegree. For example, the term “substantially” means that thesubsequently described event or circumstance occurs at least 90% of thetime, or at least 95% of the time, or at least 98% of the time.

In at least a first embodiment, the presently disclosed inventiveconcepts include a novel single-stage protocol, referred to herein asthe braided single-stage protocol, implemented using multiple photonsand can be used for transferring secure information over longerdistances at higher speeds than existing quantum cryptography techniquesand uses only a third of the transmission resources utilized by thethree-stage protocol, a quantum cryptography protocol first proposed in2006 and first implemented in 2012. Enhanced data transfer rate isachieved as the braided single-stage protocol transmits the data in onlyone stage. The braided single-stage protocol is immune to theman-in-the-middle attack, photon siphoning attack, and knownplaintext-cipher text attack. The braided single-stage protocol is amajor step forward over the existing quantum cryptography protocols inthe following key areas: higher speed of communication over longerdistances, considerably lower investment in transmission resources, andenhanced security. Applications of the braided single-stage protocolinclude providing security for optical networks including optical burstswitched networks. The braided single-stage protocol can also be used,for example, for ship-to-ship or air-to-ground quantum communication.

In at least a second embodiment, the presently disclosed inventiveconcepts include a method for restoring or recovering the linearpolarization state of a photon as it exits the far end of an opticalfiber. The state of polarization of a photon over an optical fiberchanges at random during its passage through the fiber. This means thata linearly polarized incident optical beam might become ellipticallypolarized when it exits the fiber. The present method is a deterministicprotocol which will restore or permit recovery of the linearpolarization state of a photon at the far end of the optical fiber. Thedisclosed method needs only a very low processing power to characterizethe polarization behavior and can be implemented on any hardwareplatform. The disclosed method can be implemented over multimode andsingle mode optical fiber channels and is independent of the wavelengthused for the operation. The disclosed method can be used to send securedata using polarization encoding over optical fibers. Furthermore, thedisclosed method can also be used for intrusion detection on the opticalfiber channel. Using a unique wavelength hopping technique, wavelengthscan carry either the payload data or a unique secret key that can beused to encrypt payload data on all the other wavelengths in the fiber.

In at least a third embodiment, the presently disclosed inventiveconcepts include a security-enhanced three-stage cryptographic protocolwhich has a level of security comparable to a one time pad system. Theone-time pad is the only means known to provide unconditionally securecommunication. The disclosed novel protocol is based the concept ofmulti-stage cryptography which has been modified to include aninitialization vector that is updated at each transmission.

Referring now to the Figures, and in particular to FIG. 1, shown thereinand designated by reference numeral 10 is an exemplary communicationsystem in accordance with the present disclosure. The communicationsystem 10 may include a plurality of nodes 12 communicating via one ormore communication links 14. Generally, the nodes 12 seek to transmitone or more secure communications over the communication link 14 in thepresence of an adversary 16. The communication system 10 may communicatethe secure communication via one or more optical signals over thecommunication link 14 in free space optics (FSO) or a fiber opticnetwork as described in further detail herein.

The adversary 16 seeks to prevent secure communications over thecommunication link 14 via discovery of the secure communication,corruption of the communication, spoofing identity of one or more nodes12, and/or the like. For example, in FIG. 1, node 12 a (hereinafterreferred to as Alice node 12 a) and node 12 b (hereinafter referred toas Bob node 12 b) seek to provide one or more secure communications viaoptical signals over the communication link 14 in the presence of theadversary node 16 (hereinafter referred to as Eve node 16). It should benoted that the adversary node 16 may be similar in configuration asnodes 12 a and 12 b.

Each node 12 may be classified as a transmission system or a receiversystem, and as such, each node 12 may be capable of transmitting and/orreceiving signals (e.g., optical signal(s)). FIG. 2 illustrates anexemplary node 12 constructed in accordance with the present disclosure.Nodes 12 may be adapted to facilitate the communication of data within anetwork such as a mesh network, optical burst network, and/or the like,for example.

Each node 12 may be provided with one or more input interfaces 20, oneor more output interfaces 22, and/or a control module 24. In someembodiments, the node 12 may optionally include a switch 26.

In general, the input interfaces 20 may be adapted to receive signals(e.g., optical signals) from a network. The switch 26 may serve tocommunicate the signals from the input interfaces 20 to the outputinterfaces 22 with the output interfaces 22 adapted to transmit thesignals to the network. The control module 24 may control the operationsof the input interfaces 20, the output interfaces 22, and the switch 26as well as configure communication between nodes 12. For example, thecontrol module 24, in some embodiments, may configure label switchedpaths within the network to facilitate communication between nodes 12.

Each node 12 may be implemented in a variety of manners. For example, insome embodiments, the node 12 may be a commercial installation havingone or more backplanes, racks, and/or the like. In this example, theinput interfaces 20, the output interfaces 22, the control module 24,and the switch 26 may be implemented as separate devices having separatepower supplies, memory, and/or processing equipment. In someembodiments, the node 12 may be implemented as a single device having ashared power supply, memory, and/or processing equipment. In someembodiments, the node 12 may be implemented in a modular manner. Forexample, one or more of the input interfaces 20, the output interfaces22, the control module 24, and/or the switch 26 may share a power supplyand/or housing.

Referring to FIGS. 1 and 2, the input interfaces 20 and the outputinterfaces 22 of one node 12 may be adapted to communicate withcorresponding input interfaces 20 and output interfaces 22 of anothernode 12 within a network. For example, the input interfaces 20 andoutput interfaces 22 of the Alice node 12 a may be adapted tocommunicate with corresponding input interfaces 20 and output interfaces22 of the Bob node 12 b. In some embodiments, the input interfaces 20and the output interfaces 22 may be optical ports.

The nodes 12 communicate via communication links 14. Communication links14 may be any system capable of transmitting the signal between thenodes 12. The communication links 14 may be implemented in a variety ofmanners, such as optical fiber(s), waveguide(s) having optical signalcarrying capabilities, and/or wireless links used in Free Space Optics(FSO). For example, in some embodiments, the communication link 14 maybe a flexible, transparent fiber formed of silica or other similarmaterial. Selection and implementation of the type of communication link14 may be based on communication of the input interface 20 and outputinterface 22. For example, one or more input interfaces 20 may bedesigned to communicate wirelessly with another node 12, while one ormore output interfaces 22 of the node 12 may be designed to communicateoptically through a fiber-optic link.

In some embodiments, the communication link 14 may be an optical fiberin a fiber optic network. In at least one embodiment, the optical fibermay be formed of a birefringent material including a fast axis and aslow axis. The slow axis may have a high refractive index and the fastaxis may have a lower refractive index as compared to the slow axis suchthat a component of an optical signal traveling on the fast axis willmove faster than a component of the optical signal traveling on the slowaxis.

For a particular node 12, input interfaces 20 may be the same or of adifferent type, output interfaces 22 may be the same or of a differenttype, and the input interfaces 20 and the output interfaces 22 may bethe same or of a different type. The input interfaces 20 and the outputinterfaces 22 are shown separately for purposes of clarity; however, itshould be understood that one or more input interfaces 20 and/or theoutput interfaces 22 may be connected and implemented as a singledevice. The input and output functions can be executed by a singlephysical interface

The input interfaces 20, output interfaces 22, control module 24 and/orthe switch 26 may include circuitry for implementing the various logicas described herein. The logic may be implemented as either software,hardware, or a combination of software and hardware. Circuitry may beanalog and/or digital, components, or one or more suitably programmedmicroprocessors and/or associated hardware and software, or hardwiredlogic.

In some embodiments, the control module 24 may be a logical entitycapable of processing signals between the input interfaces 20, outputinterfaces 22, switch 26 and/or external nodes 12. In some embodiments,the input interfaces 20, output interfaces 22 and/or switch 26 may becapable of processing signals directly without the use of the controlmodule 24. For example, the input interface 20 and the output interface22 may be able to process signals using protocols and/or transformationsfrom in-band channels within a data stream and deliver the signals tothe control module 24, other input interfaces 20, output interfaces 22,and/or the switch 26.

The control module 24 may include one or more processor(s) implementedin a variety of manners such as one or more single or multiple centralprocessing unit(s), microprocessor(s), field programmable gate array(s)(FPGA), digital signal processor(s), application specific integratedcircuits (ASIC), and/or the like.

The control module 24 may also include one or more non-transitorycomputer medium used for storing the logic discussed herein such thatthe logic may be executed by the processor(s). The non-transitorycomputer medium may be implemented as one or more memories, including,but not limited to, random access memory, read-only memory, or acombination of random-access memory and read-only memory. The one ormore memories may be implemented in any suitable medium, including, butnot limited to, solid state memory, optically-read/write memory, ormagnetic read/write memory.

In some embodiments, signals may be transmitted on a control channel.The control channel may be a separate channel used to transmit the datastream. Such control signals may be processed by circuitry within theinput interfaces 20, output interfaces 22, and/or control module 24.When the control signals are processed by the input interfaces 20 and/oroutput interfaces 22, the input interfaces 20 and/or the outputinterfaces 22 may notify the control module 26 of actions taken. In someembodiments, the input interfaces 20 and the output interfaces may havea unique logical identification. For example, the unique logicalidentification may be an IP address.

FIG. 3 illustrates a plurality of polarization states 28 of an opticalsignal during passage through the communication link 14 wherein thecommunication link 14 may be composed of a birefringent optical fiber.In fiber optic networks, the state of polarization of a photon over abirefringent optical fiber may change during passage through the fiberdue to micro disturbances caused by vibration, changes in temperature orpressure.

As illustrated in FIG. 3, a polarization state of the optical signal mayrepeat after a particular length known as a beat length l_(b). The beatlength l_(b) may change depending on factors including, but not limitedto, birefringence property of the communication link 14, induced stress,applied pressure, vibrations, variation in the temperature, and thelike. The state of polarization of the optical signal may repeat afterthe duration of the beat length l_(b) and multiples thereof. Bydetermining the fast axis angle for a known set of polarization statestransmitted from one node 12 to another (e.g., the Alice node 12 a tothe Bob node 12 b), a characterization angle for the communication link14 may be determined. Once the characterization angle for thecommunication link 14 is determined for a defined set of polarizationstates, the characterization angle may be applied to unknownpolarization states such that polarization coding may be used intransferring signals between the Alice node 12 a and the Bob node 12 b.

FIG. 4 illustrates an exemplary embodiment of the fiber opticalcommunication system 10 a wherein the system 10 a is capable ofdetermining and/or restoring an original polarization state of anoptical signal at the Alice node 12 a and the Bob node 12 b using thecharacterization angle. By determining and/or restoring the originalpolarization state of the optical signal by determining thecharacterization angle, data may be encoded into the optical signalusing different states of polarizations to represent bit states, such asa 15 degree angle to represent a “0” and an 85 degree angle to representa “1”. Further, knowing the original polarization state of the opticalsignal can be used to secure communications transmitted between the node12 a and the node 12 b as described in further detail herein.

Each interface 20 and 22 of each node 12 a and 12 b may securelycommunicate over the communication link 14. For simplicity indescription, FIG. 4 illustrates a schematic diagram of an outputinterface 22 a of the Alice node 12 a securely communicating over thecommunication link 14 to the input interface 20 b of the Bob node 12 b.

Each interface 20 b and 22 a may be in optical communication with aphoton source 30 (e.g., laser source) and include a polarizationcontroller 32, a polarization analyzer 34, and a combiner 36 which inthis example is shown as a device known in the art as a circulator.Additionally, in some embodiments, each interface 20 b and 22 a mayinclude or be in communication with one or more suitably programmedmicroprocessors and/or associated hardware and software, or hardwiredlogic. The processor(s) may be implemented in a variety of manners suchas one or more single or multiple central processing unit(s),microprocessor(s), field programmable gate array(s) (FPGA), digitalsignal processor(s), application specific integrated circuits (ASIC),and/or the like.

Additionally, each interface 20 b and 22 a may include a non-transitorycomputer medium used for storing the logic performed by each interface20 b and 22 a such that the logic may be executed by the processor(s).The non-transitory computer medium may be implemented as one or morememories, including, but not limited to, random access memory, read-onlymemory, or a combination of random-access memory and read-only memory.The one or more memories may be implemented in any suitable medium,including, but not limited to, solid state memory, optically-read/writememory, or magnetic read/write memory.

The photon source 30 may provide an optical signal to the polarizationcontroller 32. For example, the photon source 30 b in communication withthe Alice interface 22 a may provide an optical signal to thepolarization controller 32 a of the Alice interface 22 a. Similarly, thephoton source 30 b in communication with the Bob interface 20 b mayprovide an optical signal to the polarization controller 32 b of the Bobinterface 20 b. In some embodiments, the photon sources 30 a and 30 bmay be a laser or any other source capable of providing an opticalsignal. The photon sources 30 a and/or 30 b can use any operatingwavelength and the configuration thereof (including the power) dependsupon the distance to be travelled by the optical signal and the lossesthat will be incurred over the communication link 14.

For simplicity in description, the Alice interface 22 a will bedescribed herein. As one skilled in the art will appreciate, the Bobinterface 20 b will include similar systems and functionality. Thepolarization controller 32 a may be capable of receiving the opticalsignal generated by the photon source 30 a. Additionally, thepolarization controller 32 a may provide a change in the form ofpolarization of the optical signal and output the optical signal. Insome embodiments, the polarization controller 32 a may include afunction generator 38 a and a polarization modulator 40 a. The functiongenerator 38 a may be capable of altering the form of polarization ofthe optical signal by supplying control signals to the polarizationmodulator 40 a indicative of a series of particular angles (e.g., 15°,85°, 15°, 85°, 15°, 15° etc. to represent a bit stream 010100) to beused by the polarization modulator 40 a for setting the original statesof polarization. In the examples set forth below, the control signalsare implemented as different voltages that cause the polarizationmodulator 40 a to change the polarization angles, i.e., +5V will inducea polarization change equal to 15 degrees. However, other mechanisms andtypes of control signals can be used to induce similar polarizationchanges. The polarization modulator 40 a may receive the control signalsand then modify the optical signal to generate the series of originalstates of polarization in a serial manner and transmit the opticalsignal to the communication link 14 via the combiner 36 a.

The combiner 36 a may receive the optical signal from the communicationlink 14 and direct the optical signal to the polarization analyzer 34 a.The polarization analyzer 34 a may receive the optical signal from thecombiner 36 a and measure the received state of polarization in the formof optical parameters. For example, the polarization analyzer 34 a maymeasure and determine the received state of polarization state of aphoton on an equator of the Poincaré sphere. In some embodiments, thereceived state of polarization may be determine using optical parameterssuch as Stokes' parameter, Jones' matrix, and/or the like, as describedin further detail herein. The polarization analyzer 34 a may supply theoptical parameters to one or more processors to calculate and/or recoverthe original state(s) of polarization as discussed herein for decodingthe optical signal. Further, the one or more processors may supplycontrol signals to the function generator 38 a to cause the polarizationmodulator 40 a to create a subsequent or successive optical signal basedon the original state(s) of polarization to, cause the interface torelay one or more portions of the optical signal along anothercommunication link, or transmit, into the communication link 14, aderivation of the optical signal as described below with respect to themulti-stage cryptography protocol, or the braided single-stage protocol.

Referring to FIGS. 1 and 4, generally, the optical signal may beprovided by the photon source 30 a to the polarization controller 32 aof the Alice node 12 a. The polarization controller 32 of the Alice node12 a may receive the optical signal and provide a series of changes inthe form of polarization of the optical signal. The polarizationcontroller 32 a of the Alice node 12 a may then output the opticalsignal, having a first polarization state (i.e., the originalpolarization state) indicative of the required change in the form ofpolarization, to the communication link 14.

The Bob node 12 b may receive the optical signal and provide the opticalsignal to the polarization analyzer 34 b of the node 12 b. The opticalsignal may have a second polarization state (i.e., received state ofpolarization) that is different from the original polarization state dueto passing of the optical signal through the communication link 14,which may be an optical fiber constructed of a birefringent material.The polarization analyzer 34 b of the Bob node 12 b may measure thesecond (i.e., received state) of polarization of the optical signal andrecover the first (i.e., original) polarization state.

Initial transmission of the optical signal from the Alice node 12 a tothe Bob node 12 b may be provided with an expected pattern ofpolarization states (i.e., an initialization vector). For example, thepolarization modulator 40 a of the Alice node 12 a may generate apattern of polarization states in the optical signal such as:

ϕ=0°, 30°, 45°, 60°, 90°, 120°, 135°, and 150°  (EQ. 1)

The pattern of polarization states set forth above is by way of exampleonly. Other patterns of polarization states comprising alternate anglescan be used. Additionally, more or fewer polarization states thanindicated above can be used to carry out the characterization procedure.The Alice node 12 a and the Bob node 12 b may both know or share theexpected pattern prior to transmission of the expected pattern from theAlice node 12 a to the Bob node 12 b. As the optical signal istransmitted over the communication link 14, the polarization state maybe altered. For example, the communication link 14 may be a birefringentoptical fiber altering the polarization state of the optical signal. Inthis example, the birefringent optical fiber may include a fast axis anda slow axis. The slow axis may have a high refractive index and the fastaxis may have a lower refractive index as compared to the slow axis suchthat a component of the optical signal traveling on the fast axis willmove faster than a component of the optical signal traveling on the slowaxis.

The polarization analyzer 34 b may receive the optical signal. Theoptical signal may be composed of the expected pattern of polarizationstates provided by the polarization modulator 40 a of the Alice node 12a, although altered from their original transmission due to microdisturbances in the birefringent optical fiber. The polarizationanalyzer 34 b of the Bob node 12 b may determine projection of thereceived polarization state using, for example, the Stokes parametersand equation:

$\begin{matrix}{\phi = {\frac{1}{2}{\tan^{- 1}\left( \frac{S_{2}}{S_{1}} \right)}}} & \left( {{EQ}.\mspace{14mu} 2} \right)\end{matrix}$

The polarization analyzer 34 b may then convert the angle φ into degreesand determine the angle of the fast axis of the optical fiber of thecommunication link 14. The angle of the fast axis of the optical fibermay be determined using the equation:

$\begin{matrix}{\sigma = {\left( {\phi + \left( \frac{\varphi - \phi}{2} \right)} \right)\; {mod}\mspace{14mu} 90}} & \left( {{EQ}.\mspace{14mu} 3} \right)\end{matrix}$

An average of the fast axis angles may be determined and characterizedby using the expected pattern polarization states transmitted by theAlice node 12 a and comparable received polarization states by the Bobnode 12 b. The average of the fast axis angles may be characterized by:

$\begin{matrix}{\chi = \frac{\sum\limits_{i = 1}^{N}\sigma_{i}}{N}} & \left( {{EQ}.\mspace{14mu} 4} \right)\end{matrix}$

where N is the number of known polarization states transmitted by theAlice node 12 a. In this example, N=8. The average of the fast axisangle may provide the characterization angle indicative of the axis ofthe birefringent material of the optical fiber of the communication link14. The Bob node 12 b may have suitable circuitry and/or processingcapability to apply the characterization angle in determining unknownoriginal states of polarization transmitted from the Alice node 12 a tothe Bob node 12 b. Similarly, the same procedure can be repeated tocharacterize the channel for the Alice node 12 a. It should be notedthat the channel characterization angle for the Alice node 12 a might bedifferent even when the communication link 14 is a single mode opticalfiber for communication, because the trajectory at the end of thecommunication link 14 adjacent to the Bob node 12 b might be differentthan the trajectory at the end of the communication link 14 adjacent tothe Alice node 12 a. The following Tables 1 and 2 provide data showingresults of an experiment conducted to characterize an optical fiber inaccordance with the presently disclosed inventive concepts. Furtherdetails of this experiment are found in the provisional patentapplication identified by U.S. Ser. No. 61/845,757, which isincorporated herein by reference.

TABLE 1 Characterization of an optical fiber Angle of polarizationVoltage applied Linear projection of transmitted by to the angle ofpolarization Fast axis angle the Alice node polarization computed by Bobin computation 12a in degree modulator degree result in degree Ø V_(π) =30 V$\phi = {\frac{1}{2}{\tan^{- 1}\left( \frac{S_{2}}{S_{1}} \right)}}$$\sigma = {\left( {\phi + \left( \frac{\varnothing - \phi}{2} \right)} \right)\mspace{11mu} {mod}\; 90}$ 1  0.167 142.62 71.81  30 5   112.94 71.47  45 7.5   97.68 71.34  6010     82.59 71.29  90 15     53.57 71.78 120 20     22.86 71.43 13522.5   7.78 71.39 150 25    172.64 71.32$\chi = \frac{\sum_{i = 1}^{8}\; \sigma_{i}}{8}$ 71.48

TABLE 2 Polarization states transmitted by the Alice node 12a, receivedand recovered by the Bob node 12b at the far end of an optical fiberLinear projection Angle of Voltage of angle of Original linearpolarization applied polarization polarization angle transmitted by tothe computed calculated the Alice node polarization by Bob in by the Bob12a in degree modulator degree node 12b in degree Ø V_(π) = 30 V$\phi = {\frac{1}{2}{\tan^{- 1}\left( \frac{S_{2}}{S_{1}} \right)}}$(χ + (χ − φ)mod 180  81.1 13.517  62.24  80.72 100.5 16.75   42.99 99.97  88.9 14.812  54.72  88.24 158.6 26.433 165.19 157.27 144.6 24.1 178.79 144.17  57.2  9.533  85.98  56.98 143.8 23.967 179.39 143.57126.6 21.1   16.83 126.13  90.8  0.167 53.1  89.86  59.8 15.133  83.42 59.54  29.6  9.967 114.23  28.73  40.5  4.933 102.97  39.99

As shown in Table 2, the original state of polarization calculated bythe Bob node 12 b is within approximately 1% and/or approximately 2° ofthe original state of polarization. There may be relatively small errorsin computing the original polarization angle. This can be dealt with bykeeping the used polarization angles sufficiently apart, e.g. more thanabout 2° such that consecutive polarization angles can be differentiatedcorrectly with a very small error probability. The spacing between theused polarization angles can be based upon an estimate or measurement ofthe errors in computing the original polarization angle. Thisinformation can be used by the Bob node 12 b to decode data that isencoded within the polarization states set by the Alice node 12 a. Tothat end, the Alice node 12 a may be able to transmit one or more securecommunications in the presence of the Eve node 16 without discoveryand/or corruption of the communications due to the fact that the Evenode 16 would not have the information indicative of the initializationvector prior to the initialization vector being transmitted from theAlice node 12 a to the Bob node 12 b.

Further, tapping into the communication link 14 by the Eve node 16causes an abrupt change in the way the polarization of the opticalsignals drift between the Alice node 12 a and the Bob node 12 b. Thus,from the standpoint of the Bob node 12 b, the characterization angle of71.48° currently being used to determine and/or recover the originalstate of polarization will no longer be effective. In this instance, theBob node 12 b would generate an alert to signal other nodes 12, such asthe Alice node 12 a that the communication link 14 is subject toeavesdropping so that appropriate action can be taken. For example, uponreceiving an alert from the Bob node 12 b, the Alice node 12 a maydirect transmissions to the Bob node 12 b by avoiding the communicationlink 14.

In some embodiments, the characterization angle of the communicationlink 14 may be recalibrated periodically using EQS. 1-4. Recalibrationof the characterization angle may account for slow time-varyingbirefringence components of the communication link 14. Such slowtime-varying birefringence components may include, but are not limitedto, temperature, pressure, vibration, additional environmental factors,and/or the like.

In some embodiments, one or more calibration symbols may be embeddedwithin the expected pattern of the changing states of polarization(e.g., the pattern provided by the polarization modulator 40 a). Thecalibration symbols may be used to construct a calibration sequence fora subsequent iteration of calibration. The calibration symbols may betransmitted from the Alice node 12 a to the Bob node 12 b. Thepolarization analyzer 34 b of the Bob node 12 b may receive dataindicative of the embedded calibration symbols, decode the data, and usethe embedded calibration symbols to recalibrate the characterizationangle. A logic sequence and/or an operator managing the Alice node 12 aand the Bob node 12 a may determine how to derive and/or use thecalibration symbols for the next channel characterization iteration. Thecalibration symbols can be communicated separately, or be derived basedon the data received or can be derived in other ways. Also, the numberof calibration symbols required for characterization can vary and be anynumber. For example, in non-limiting embodiments, the number ofcalibration symbols can be between 1-1000.

In one example, the communication system 10 may use a concept known aspolarization shift keying (POLSK) to convey information across thecommunication link 14. As discussed above, the communication link 14 canbe free space, or an optical fiber. The communication system 10 uses afinite number of distinct signals to represent digital data. POLSK usesa finite number of distinct polarization states, each assigned a uniquepattern of binary digits. In one embodiment, each distinct polarizationstate encodes an equal number of bits. Each pattern of bits forms asymbol that is represented by the particular polarization state. The Bobnode 12 b, which is pre-loaded with information indicative of asymbol-set, determines the polarization state of the received opticalsignal and maps the polarization state to the symbol it represents, thusrecovering the original data. When the communication link 14 includes anoptical fiber, the Bob node 12 b will calculate the original state ofpolarization (as described herein) and then map the original state ofpolarization to the symbol it represents thus recovering the originaldata. Any number and particular pattern of bits of information can beassigned to a particular polarization state. Thus, a symbol may containone or more than one bit of information. In one non-limiting embodiment,up to at least 8 bits of information can be represented by eachpolarization state.

In some embodiments, the communication link 14 may include two or moredifferent wavelengths for communication over a fiber optic network. Inone example, a distinct wavelength may be selected at random and used tocommunicate the encryption key with all other wavelengths capable oftransmitting the secure communication for decoding. In this example, thecommunication link 14 may include two or more channels operating atdifferent wavelengths of the optical signals. Each channel may becapable of transmitting secure communications between the Alice node 12a and the Bob node 12 b using processes described herein. For example,the Alice node 12 a may include multiple sets of the photon source 30 a,and polarization controller 32 a with each set operating at a differentwavelength. The optical signals generated by the multiple sets can befed into the combiner 36 a for passage into the communication link 14.In this example, the communication link 14 may include a first fiberoptic channel for carrying encryption keys encoded within a firstoptical signal of a first wavelength for the secure communication thatis encoded within a second optical signal of a second wavelength beingtransmitted over a second fiber optic channel. Even further, in someembodiments, one or more secure communications being transmitted overthe two or more channels may hop between available channels. Forexample, two optical channels may be on the same communication link 14between the Alice node 12 a and the Bob node 12 b, but each channel maybe using a different wavelength. Hopping between two or more channelsmay be randomized for any external entity. For example, thecommunication including encryption keys may randomly hop betweenavailable channels.

In addition, the communication system 10 can utilize dense-wavelengthdivision multiplexing in which multiple wavelengths of optical signalsare transmitted and received simultaneously with particular ranges ofwavelengths forming different channels in the optical fiber. In thisinstance, the Alice node 12 a would include multiple photon sources andpolarization controllers 32 a, whose outputs are combined andtransmitted on the communication link 14. The Bob node 12 b wouldinclude an optical filter for each range of wavelengths, with the outputof each optical filter fed into a particular polarization analyzer 34 b.

The process for sending secure communications using the pre-determinedfast axis angle of the optical fiber may be performed for sendingcommunication from the Bob node 12 b to the Alice node 12 a as well. Itshould be noted that the average fast axis angle of the optical fiber inthe reverse direction (i.e., the Bob node 12 b to the Alice node 12 a),may be different even though the communication link 14 may be a singleoptical fiber. For example, the trajectory at the Bob node 12 b may bedifferent than the trajectory at the Alice node 12 a, and as such, theaverage fast axis angles may be different.

In some embodiments, transmission of a secure communication may use amulti-stage cryptography process as described in further detail herein.Generally, a secure communication in an optical signal may be passedfrom the Alice node 12 a to the Bob node 12 b via the communication link14 using a multi-stage cryptography algorithm that is distributedbetween the Alice node 12 a and the Bob node 12 b and used to providesecure communications between the Alice node 12 a and the Bob node 12 b.The multi-stage cryptography algorithm may include instructions fortransmitting an odd-number of at least three optical signaltransmissions across the communication link 14 using a plurality ofindependent transformations of polarization state of the optical signaltransmission. However, it should be understood that the multi-stagealgorithm discussed herein is not limited to an odd-number of at leastthree signal transmissions. Any number of signal transmissions N can beused so long as the multi-stage algorithm includes at least N+1independent transformations of the polarization state of the opticalsignal transmission. Further, in the discussion that follows, it shouldbe understood that in the multi-stage cryptography algorithm and/or theBraided single stage algorithm, the Alice node 12 a and the Bob node 12b have already authorized each other using a predetermined methodology.In certain non-limiting examples, this authentication may only beperformed once when the communication system is first commissioned.Thereafter, in this example, the multi-stage cryptography protocol andthe braided single-stage cryptography protocol can function withoutfurther authentication. The authentication can be implemented in avariety of ways which are known to those skilled in the art.

Referring to FIGS. 1 and 5, illustrated therein is a schematic diagramof an exemplary embodiment of the multi-stage cryptography process 50.Generally, the multi-stage cryptography process 50 applies atransformation at Stage 1, Stage 2, and Stage 3 of the process.Initially, both the Alice node 12 a and the Bob node 12 b are both awareof an initialization vector IV₀ (i.e., secret key). Further, in someembodiments, the initialization vector IV₀ may contribute to thegeneration of a new vector IV₁ (i.e., new key) as described in furtherdetail herein. The term “IV”, as used herein denotes an initializationvector; the term “a” denotes a transformation associated with the Alicenode 12 a; the term “β” denotes a transformation associated with the Bobnode 12 b; and the term “X” denotes the message. In some embodiments,IV, α, β and X are all vectors (strings or arrays of values) having asame length z. The set IV₀, α₀, β₀ and X₀ refer to the set of arrays foriteration 0. The subscript refers to the number of the iteration. Theterms “IV₀[n],” “α₀[n],” “β₀[n]” and “X₀[n]” denote the specific valueat position n of the vector. “0” denotes the first cycle, and “1”denotes the second cycle. IV₀ may be generated randomly and known toboth the Alice node 12 a and the Bob node 12 b before iteration 1. IV₁is generated as described in the present disclosure. On the other hand αand β may be generated by the Alice node 12 a and the Bob node 12 brespectively and do not need to be shared between them. At eachiteration a new set of α and β may be generated randomly.

In some embodiments, the initialization vector IV₀ having a length z maybe shared with the Alice node 12 a and the Bob node 12 b prior toinitial transmission of a signal. Generally, the initialization vectorIV₀ is a string of z bits. The multi-stage cryptography process 50 maybe performed for z cycles for each iteration to obtain z bits of asecret message X as described in further detail herein.

The Alice node 12 a and the Bob node 12 b may both be aware of a valuefor a polarization angle associated with each bit of the initializationvector IV₀. For example, the n^(th) bit of IV₀ (referred to herein as“IV₀[n]”)may be zero, and thus encoded with a 0° polarization angle. Inanother example, the n^(th) bit of IV₀ (IV₀[n]) may be one, and thusencoded with a 90° polarization angle. It should be understood that bit0 and bit 1 do not need to be encoded using orthogonal polarizationangles. The values within the initialization vector IV₀[n] may be anylinear polarization angles.

Referring to FIG. 5, in Stage 1, the Alice node 12 a may encode one ormore qubits corresponding to a first bit of the initialization vectorIV₀ with two or more specific polarization states. For example, theAlice node 12 a may encode bit “0” with a first angle (e.g., 20degrees), and bit “1” with a second angle (e.g., 80 degrees). The Alicenode 12 a may transform the polarization of the encoded qubits byapplying a first transformation α₀[n] of 30°, for example, that isreversible as discussed below. For example, the transformation α₀[n] canbe a unitary transformation. Thus, the first angle is transformed to 50°and the second angle is transformed to 110°. The Alice node 12 a maythen transmit the qubit to the Bob node 12 b over the communication link14.

In Stage 2, the Bob node 12 b may receive the qubit, recover theoriginal polarization states as discussed above when the communicationlink 14 is an optical fiber, and generate a second message by applying asecond transformation β₀[n] (referred to herein as the n^(th) bit of β₀)to the received qubit that is reversible as discussed below. Forexample, the transformation β₀[n] can be a unitary transformation. Forexample, the second transformation β₀[n] may be 20° and in thisinstance, the first angle is transformed to 70° and the second angle istransformed to 130°. The Bob node 12 b may transmit the second messageto the Alice node 12 a over the communication link 14 with the secondmessage including the initialization vector IV₀[n], the firsttransformation α₀[n], and the second transformation β₀[n]. Using thepresent notations, IV₀[n], α₀[n] and β₀[n] are the values used atiteration number 0 (1^(st) iteration) and cycle number n+1. Although atransformation for only one bit position for α₀[n] and β₀[n] aredescribed in this example for purposes of brevity and clarity, suchtransformations may be applied to each of the bit positions.

Referring to FIG. 5, in Stage 3, the Alice node 12 a may receive thesecond message, restoring the original polarization states as discussedabove when the communication link 14 is an optical fiber, and maygenerate a third message by applying a transpose complex conjugate ofα₀[n] to the second message (e.g., to transform the first angle to 40°and the second angle to 100°) and encoding a secret message X in theform of the value of X₀[n]. The Alice node 12 a may transmit the thirdmessage to the Bob node 12 b over the communication link 14 with thethird message including the initialization vector IV₀[n], the secretmessage X₀[n], and the second transformation β₀[n].

In Stage 4, the Bob node 12 b may decode the third message by restoringthe original polarization states as discussed above when thecommunication link 14 is an optical fiber, applying a combination of atranspose complex conjugate of the initialization vector IV₀[n] and atranspose complex conjugate of β₀[n] to the third message as shown inFIG. 5. When the communication link 14 is an optical fiber having thebirefringent material that causes changes to the original state ofpolarization, the Alice node 12 a and/or the Bob node 12 b may use theprocedure described above to determine the original state ofpolarization to interpret and then decode the optical signals. Inparticular, decoding the third message allows for the Bob node 12 b todecode the secret message X₀[n].

The multi-stage cryptography process 50 illustrated in FIG. 5 may berepeated for multiple cycles. Generally, the number of cycles periteration may be equal to the length of the string of the initializationvector IV₀[n]. For example, after completion of a cycle (e.g., n=1), atthe next cycle, the Alice node 12 a may use a new transformation setα₀[n+1] and the Bob node 12 b may use a new transformation set β₀[n+1]with a next value in the string of the initialization vector IV₀[n+1].

When the number of cycles is equal to the length z of the initializationvector IV₀, a new initialization vector IV₁ having a series of distinctpolarization angles may be used as illustrated in FIG. 5. Generally, newinitialization vector IV₁ may not need to commute with α₁ and/or β₁,which are new strings of bits for use as transformations for iteration1. Further, the new initialization vector IV₁ may be in the binary formof 0's and 1's with the Alice node 12 a and the Bob node 12 bassociating bits with pre-determined angles to form a string of variabletransformation values. It should be noted that the transformation valuesassociated with the binary form of 0's and 1's may be updated after eachiteration with the Alice node 12 a and the Bob node 12 b using theidentical methodology. In one embodiment, the initialization vector IV₀and the initialization vector IV₁ have the same length.

In some embodiments, the new initialization vector IV₁ may be configuredusing messages shared between the Alice node 12 a and the Bob node 12 b.For example, in some embodiments, the initialization vector to IV₁ maybe updated using an updating function that has both X₀ and IV₀ asinputs. In this example, IV₁ would be a combination of the bits from X₀and IV₀. The particular combination can be a choice of both the Alicenode 12 a and the Bob node 12 b. In other embodiments, the updatingfunction may use one or more transmitted bits at predeterminedlocation(s) within the secret message X₀, or any combination oftransmitted bits of the secret message X₀ to compute the newinitialization vector IV₁. In some embodiments, the originalinitialization vector IV₀ may be used by the algorithm to compute thenew value IV₁. For example, the new initialization vector IV₁ may becomputed by using a non-linear relation between X₀ and IV₀. For example,the non-linear relation can use an algorithm based on an AdvancedEncryption Standard.

Shown in FIG. 5a is an exemplary, non-limiting, array of transformationsand the secret message X₀ during a first iteration of the multi-stagecryptography protocol. As shown in FIG. 5 a, all of the transformationsmay include bits 0 to z-1 and thereby include the same length. Thevalues comprised in the string of values X₀, α₀, IV₀, and β₀ for eachbit are rotation angles associated with the fast axis of the half waveplates or other polarization modulator that is used to apply therotation angles to the optical beam. This can be accomplished, forexample, by using a half-wave plate set at a particular polarizationangle to implement the transformation. A particular combination of bitsof IV₀, α₀ and β₀ may be used for encoding each bit of X₀. An iterationis the process of sharing all the z bits in the message thuscommunicating the string of values of IV₀, α₀ and β₀. To communicateanother message in a subsequent iteration, a new IV₁ is generated andsuch new IV₁ may be based on IV₀ and X₀ or parts of them using anupdating function that may only be known by the Alice node 12 a and theBob node 12 b. IV₁ is of the same length as X₁ and a totally new stringsα₁ and β₁ are generated by the Alice node 12 a and the Bob node 12 brespectively in order to share X₁.

Referring to FIGS. 4 and 5, in some embodiments, the communicationsystem 10 a illustrated in FIG. 4 may be used in the transmission ofsecure communication in the multi-stage cryptography process 50. Forexample, the photon source 30 a may provide an optical signal to thepolarization controller 32 a of the Alice node 12 a. The Alice node 12 amay receive the optical signal, use the polarization controller 32 a toencode the initialization vector IV₀[n] and the first transformationα₀[n], and transmit the optical signal to the Bob node 12 b. Thecommunication link 14 may be an optical fiber, for example. As such theAlice node 12 a and the Bob node 12 b may receive the optical signal,and restore the original polarization state using the polarizationanalyzers 34 a and 34 b as provided in the processes described inrelation to FIGS. 3 and 4 herein. The multi-stage cryptography process50 proceeds as discussed above to securely transmit the secret messagefrom the Alice node 12 a to the Bob node 12 b while calculating andrestoring the original polarization states such that the Bob node 12 bcan decode the secret message.

In at least one embodiment, the secret message and the initializationvector transmitted from the Alice node 12 a to the Bob node 12 b are ofthe same length, such as 100 bits. If the secret message, beforetransmission, is shorter than the initialization vector (i.e., differentlengths), then the length of the secret message can be adjusted to bethe same length as the initialization vector. This can be accomplished,for example, by adding filler bits to the end of the secret message orshortening the length of the initialization vector. If the secretmessage is longer than the length of the initialization vector, then thesecret message can be parsed into X number of segments which have thesame length as the initialization vector used to transmit each of thesegments. For example, if there are two segments, then theinitialization vector IV₀ can be used for a first one of the segments,and the initialization vector IV₁ can be used for a second one of thesegments. This methodology can then be repeated if the message X isparsed into more than two segments.

For example, if the secret message includes z bits and z=100, then all100 bits can be transmitted in a single transmission by setting theinitialization vector to z polarization angles. Or, the secret messagecan be transmitted in four separate transmissions of 25 bits setting theinitialization vector to z/4 polarization angles, or the secret messagecan be transmitted in 100 transmissions by setting the initializationvector to a single polarization angle. When the secret message issegmented, the Bob node 12 b will accumulate and concatenate thesegments to re-create the secret message. After all z bits have beentransmitted, the initialization vector may be updated for use in thetransmission of the next secret message.

In some embodiments, the multi-stage cryptography process 50 of FIG. 5may be implemented in an optical system using Free Space Optics (FSO).For example, the optical system may include a photon source,polarization controller, polarization modulator as described herein. Theoptical system using FSO may not restore the original polarization stateusing the polarization analyzer as polarization states do not drift orotherwise change in optical systems using FSO.

FIG. 6 illustrates a schematic diagram of an exemplary multi-stagecryptography process illustrated in FIG. 5 implemented over free spaceoptics (FSO) using passive optical components. Although half-wave plates52 are described and illustrated in FIG. 6, it should be apparent to oneskilled in the art that a polarization controller 32 as described inrelation to FIG. 3 herein may be used to generate the polarizationstates.

As illustrated in FIG. 6, the Alice node 12 a may include a plurality ofhalf wave plates 52. For example, in FIG. 6, the Alice node 12 a mayinclude four half wave plates 52 a, 52 b, 52 c and 52 d. The Bob node 12b may also include a plurality of half wave plates 52. For example, inFIG. 6, the Bob node 12 b includes three half wave plates 52 e, 52 f and52 g.

In Stage 1, the Alice node 12 a may generate an initial state with apolarizer 54. For example, the Alice node 12 a may generate an initialstate of 0° linear polarization using a 0° polarizer. The Alice node 12a may then apply a first transformation IV₀[n]=Θ using the half waveplate 52 a set at an angle Θ and using the second half wave plate 52 bset at an angle α₀[n]=Θ_(A). The Alice node 12 a may apply thetransformations as the optical signal passes through the half waveplates 52 a and 52 b on the optical signal's path to the Bob node 12 b.

In Stage 2, the Bob node 12 b may apply a second transformation usingthe half wave plate 52 e set at an angle β₀[n]=Θ_(B). The optical signalmay then be transmitted to the Alice node 12 using mirror 56 a.

In Stage 3, the Alice node 12 a may receive the optical signal from theBob node 12 b via mirror 56 b and remove the first transformation bysetting the half wave plate 52 c to an angle α₀[n]=−Θ_(A). The Alicenode 12 a may then apply a transformation associated with an encoded bitusing the half wave plate 52 d set at an angle Θ_(X)=0° in case ofbit=0, and Θ_(X)=45° in case of bit=1, for example. The Alice node 12 amay transmit the optical signal containing the message to the Bob node12 b.

In Stage 4, the Bob node 12 b may pass the optical signal containing themessage through the half wave plate 52 g set at an angle IV₀[n]=Θ toremove the transformation induced by the initialization vector. Thechoice of angles is made according to the operation of the half waveplates 52. The Bob node 12 b may now have an optical signal polarized ateither 0 degrees or 90 degrees. The optical signal may be passed througha beam splitter 58 (e.g., a 50/50 beam splitter) and through one or morelight intensity detectors 60 to detect whether the bit 0 or the bit 1has been received.

It should be noted that the values of X₀[n], α₀[n], β₀[n], and IV₀[n](and subsequent iterations of same) may be rotation angles associatedwith the fast axis of the half wave plates 52. In addition, the systemdepicted in the illustration of FIG. 6 may be implemented in a varietyof ways. For example, in some embodiments, phase encoding may be usedwith current cryptography techniques. The discussion above denotes theoperation of one cycle of iteration number 0, and such operations may berepeated with different values for other cycles and iterations.

Referring to FIG. 7, in some embodiments, transmission of a securecommunication may use a single-stage cryptography process 62. In thesingle-stage cryptography process 62, the Alice node 12 a and the Bobnode 12 b may share a message indicative of an initial initializationvector U_(A) using the multi-stage cryptography process discussedherein. The message is denoted as Θ_(initial) in FIG. 7. The message caneither be the initial initialization vector U_(A), or the initializationvector U_(A) can be derived from the message. Generally, theinitialization vector U_(A) between the Alice node 12 a and the Bob node12 b may include a string of unitary transformations. A first bit streamof information X may be encoded using the initialization vector U_(A).The encoded first bit stream of information U_(A)[X] may be passed fromthe Alice node 12 a to the Bob node 12 b. The Bob node 12 b may read thevalues of predetermined locations of bits within the first bit streamand decode the message X due to the Bob node's 12 b prior knowledge ofU′_(A). The predetermined locations of the bits within the first bitstream can be provided at any locations within the first bit stream solong as both the Alice node 12 a and the Bob node 12 b are supplied withinformation indicative of such predetermined locations. The string oftransformations and the information indicative of the predeterminedlocations within the bit streams for generating the new transformationvector can be securely distributed using the multi-stage cryptographyprocess 50 described above. A second vector may then be generated usingthe transformation vector U′_(A). Using the second vector that wasderived from information within the first bit stream, a second bitstream of information may be encoded and passed from the Bob node 12 bto the Alice node 12 a.

FIG. 8 illustrates an exemplary, non-limiting, framing scheme 64 for usein the single-stage cryptography process 62 of FIG. 7. In practice,other methodologies may be used to calculate the new angles oftransformation for securely encoding and decoding subsequent frames ofinformation. The Alice node 12 a may transmit a predetermined number ofbits b in a frame 66. For example, in FIG. 8, the Alice node 12 a maytransmit k+n of bits b in the frame 66. Both k and n are variables. Thebits b in the frame 66 frame b₁ through b_(k+1) may be transmitted usinga first angle Θ of transformation. The Bob node 12 b may be aware of thevalue of the first angle Θ of transformation. The bits b in the frame 66from b_(k+1) to b_(k+n) may be used to generate a new angle oftransformation for a subsequent frame.

Referring to FIGS. 7 and 8, the Alice node 12 a and the Bob node 12 bmay determine an initial complex valued transformation. The initialvalue of the polarization angle Θ may be used to transmit the firstb_(k+n) bits of information from the Alice node 12 a to the Bob node 12b. Starting from a pre-determined bit, (e.g.,b_(k+1)) the Alice node 12a may generate a new angle Θ₁. It should be noted that extraneous bits bof data are not being transmitted in order to generate new angle Θ₁.Instead, using bits b of the last transmission may be used to generatenew angle Θ₁ by converting n bits b to an integer value N using, in onenon-limiting embodiment, the formula:

N=Σ _(i=k+1) ^(k+n) b _(i)*2^(i)   (EQ. 5)

One skilled in the art will understand that other formulas may be usedas well. The Alice node 12 a and the Bob node 12 b may determine the newangle Θ₁ by using N and the previous angle Θ, such that the value of thenew angle Θ₁ may be derived from transmitted bits and the current valueof Θ. The frame 66 may have a header portion and a data portion. Theheader portion of the frame may include information, including adestination address, intermediate addresses, quality of serviceidentifiers and the like that is used to route the frame 66 through thenetwork. The data portion of the frame 66 may include user data to beingtransmitted through the network, and in particular from the Alice node12 a to the Bob node 12 b. The bits b used to determine the new angle Θ₁may be read from either the header portion or the data portion of theframe 66 and the new angle Θ₁ may be calculated in a manner that isdifferent from the routing process used to update the header portion ateach intermediate node and the final destination. Further, in oneembodiment, the bits b are read and used to calculate the new angle Θ₁by the Alice node 12 a and the Bob node 12 b without modifying theheader portion or the data portion of the frame 66. In this instance,the Alice node 12 a reads the bits b prior to transmitting the frame 66and the Bob node 12 b reads the bits b subsequent to receiving the frame66, and prior to transmitting the frame 66 to a next destination node.

FIG. 9 illustrates a schematic of a system 68 for implementing thesingle-stage process 60 of FIG. 8. Generally, bit 0 may be encoded as apre-determined linear horizontal polarization and bit 1 may be encodedas a pre-determined linear vertical polarization. Half-wave plates aredescribed for simplicity, however, it should be noted that alterationsin polarization state may be performed using the polarization controller32 as described in relation to FIG. 3.

The Alice node 12 a may provide a sequence set for bits to betransmitted. The data may be converted in binary form using one or moreprocessors and bits may be encoded in horizontal polarization for 0 andvertical polarization for 1.

An optical signal may be passed through a beam splitter 70 into twopaths having substantially similar intensity. Using an assembly 72 ofone or more mirrors 74 and beam combiners 76, the path of the opticalsignal may be directed towards one or more half wave plate 78. Eachoptical signal may be set to a particular state of polarization e.g., aninitial pre-determined angle Θ, by using the one or more half waveplates 78.

The optical signal may be directed to the Bob node 12 b and passedthrough a half wave plate 80 to invert the transformation by the Alicenode 12 a. The optical signal may be passed through a beam splitter 82and one or more polarizing filters 84. The light may then be detected toreceive strings of 1s and 0s. The strings of 1s and 0s may be furtherconverted to receive the original data or key. Further, a new angle Θ₁may be determined and used in further communications between the Alicenode 12 a and the Bob node 12 b.

The single-stage cryptography process 62 described herein may use amulti-photon approach for implementation. The multi-photon approach mayprovide for quantum communications over large distances. As such, thesingle-stage cryptography process 62 may be suitable for ship-to-shipand air-to-ground communication via FSO. Additionally, the single-stagecryptography process 62 may use one two-way quantum channel only once tosend information providing a three-fold increase in efficiency of use ofthe communication link 14 as compared to multi-stage processes. Evenfurther, the single-stage cryptography process 62 may make use ofcomplex valued transformations, such that the Eve node 16 may not becapable of retrieving information even with siphoning off of photonsunless the Eve node 16 is aware of the value of the secrettransformation.

In some embodiments, the multi-stage cryptography process 50 may befollowed by the single-stage cryptography process 62 as describedherein. For example, the multi-stage cryptography process 50 describedin relation to FIGS. 4 and 5 may be used to convey an initializationvector U_(A) for the single-stage cryptography process 62 from the Alicenode 12 a to the Bob node 12 b such that the initialization vector U_(A)is shared between each node prior to transmission of a secret messageusing the single-stage cryptography process 62.

As discussed above, in at least one embodiment, the Multi-stagecryptography protocol aims to distribute keys or share data in the formof one or more messages between a sender, e.g., Alice node 12 a, and areceiver, e.g., Bob node 12 b. As noted above, a key problem inmulti-stage protocols of the prior art is that an advisory node, e.g.,Eve, may have access to m equations with m variables which are easy tosolve, wherein a security breach can occur.

To counter this vulnerability, in at least one embodiment of thepresently disclosed inventive concepts, an initialization vector isadded as an extra variable thus the adversary node, e.g., Eve, wouldhave to solve a system of m equations with m+1 variables, which cannotbe done.

A non-limiting example of the multi-stage cryptography protocol in whichm=3 is discussed above. The presently disclosed inventive conceptsinclude any number of m stages where m is greater than or equal to 2.For example, m can be even thus the communication would start at thereceiver and end at the receiver. For example, If m=2 the Bob node 12 bmay send an angle of polarization (its transformation) to the Alice node12 a, which the Alice node 12 a would encode the message and protect itwith the initialization vector and then send the encoded message to theBob node 12 b. Because the Bob node 12 b knows the angle of polarizationthat the Bob node 12 b provided initially, as well as the initializationvector, the Bob node 12 b would be able to decode and retrieve themessage. In case m is odd the communication starts at the Alice node 12a and ends at the Bob node 12 b.

In at least one embodiment described and referred to elsewhere herein asthe Braided single-stage protocol, the concept of braiding takes intoaccount having a multi-stage cryptography protocol (e.g., m=3) operatingto share an initial key (referred to herein as an initialization vector)between a sender and a receiver. Then, the sender and the receiver mayuse a single-stage protocol in order to share messages between eachother. The initialization vector may be updated after each iteration ofthe single-stage protocol in the same manner as the Enhanced Multi-stagewith m=1.

At least one embodiment described and referred to elsewhere herein asthe Enhanced Multi-stage protocol is a protocol that can be used tosecurely share keys, data or messages between two parties alreadysharing an initialization vector (e.g., the Alice node 12 a and the Bobnode 12 b). In order to update the initialization vector after eachiteration of the protocol, the initialization vector can be updatedbased on the previously shared message and the initialization vector ofthe previous iteration.

The Enhanced Multi-stage protocol with m=3 has been discussed by way ofexample on a bit by bit basis. In addition an array of bits can becommunicated at each iteration. When an array of bits is communicatedduring the iteration, different transformations are applied to each bitby mapping the bits to be communicated with predetermined bits of theinitialization vector.

As discussed herein, a fiber optic communication may include an opticalfiber constructed of a birefringent material and a transmission system.The transmission system may include a laser source producing an opticalsignal, a polarization controller, and a receiver system. Thepolarization controller may receive the optical signal generated by thelaser source, provide a change in state of polarization of the opticalsignal, and output the optical signal having an original polarizationstate indicative of the change in polarization to the optical fiber. Thereceiver system may have a polarization analyzer and a processor. Thepolarization analyzer may receive the optical signal from the opticalfiber with the optical signal having a received state of polarizationthat is different from the original polarization state due to passing ofthe optical signal through the birefringent material of the opticalfiber. The polarization analyzer may measure the received state ofpolarization. The processor may receive information from thepolarization analyzer indicative of the received state of polarizationand recover the original polarization state.

In one non-limiting example, the received state of polarization may bemeasured by optical parameters. For example, the received state ofpolarization may be measured by optical parameters including at leastone of Stokes' parameters and Jones' Matrix.

In one non-limiting example, the polarization encoding techniques may beused to encode a message within the optical signal. Additionally, asymbol may contain at least one bit of information.

In some embodiments, the polarization analyzer may measure Stokes'parameters indicative of the received state of polarization, and supplythe Stokes' parameters to the processor. The processor may recover theoriginal polarization state by adjusting the received state ofpolarization as indicated by the Stokes' parameters with at least onecharacterization angle being indicative of an axis of the birefringentmaterial of the optical fiber. In one non-limiting example, the opticalsignal may have a faster moving component of polarized light, and theaxis of the birefringent material may align with the faster movingcomponent of the polarization light.

In some embodiments, an optical communication method may includereceiving, by a second node, one or more photons at a second linearstate of polarization. The one or more photons may be initially injectedby a first node into and pass through a birefringent material of anoptical fiber at an original linear state of polarization in a fiberoptic communication system as described herein. The original linearstate of polarization may be recovered using data indicative of apredetermined effective angle of an axis of the birefringent material ofthe optical fiber.

In some embodiments, an optical communication method may include mayinclude receiving, by a second node, one or more photons at a secondlinear state of polarization. The one or more photons may be initiallyinjected by the first node into and pass through a birefringent materialof an optical fiber at an original linear state of polarization in afiber optic communication system. The original linear state ofpolarization may be restored using data indicative of a predeterminedangle of an axis of the birefringent material of the optical fiber.

In some embodiments, an optical communication method may includeinjecting, by a first node, a polarized beam of light into an opticalfiber. The polarized beam of light may have at least two differentpolarization states indicative of information encoded into the polarizedbeam of light. A second node may receive and analyze the polarized beamof light to determine a series of states of polarization of thepolarized beam of light. The second node may be remote from the firstnode, in one non-limiting example. The encoded information may bedecoded into the polarized beam of light using the series of states ofpolarization. In one non-limiting example, the polarized beam of lightmay be analyzed at specific instants of time.

In some embodiments, an optical fiber calibration method for apolarization encoding technique may include transmitting, by atransmission system, an optical signal having an expected pattern ofpolarization states through a birefringent material of an optical fiber.The expected pattern of polarization states is an initialization vectorhaving a set of polarization angles characterized by optical parameters.The initialization vector may be shared between the transmission systemand a receiving system. The optical signal may be received by thereceiving system. The optical signal may be composed of the expectedpattern of polarization states. The received polarization states may bemeasured in a form of received optical parameters. The received opticalparameters may be compared with the optical parameters of the set ofpolarization angles of the initialization vector to calculate acharacterization angle indicative of an axis of the birefringentmaterial of the optical fiber.

In one non-limiting example, the optical signal may include a firstoptical signal and a second optical signal. The second optical signalmay be transmitted after the first optical signal. The second opticalsignal may have an original polarization state indicative of a change ina form of polarization. A received state of polarization may be measuredby a polarization analyzer of the receiving system and the originalpolarization state may be recovered. The polarization analyzer mayfurther recover the original polarization state by adjusting thereceived state of polarization with a characterization angle indicativeof an axis of the birefringent material of the optical fiber. Theoptical signal may also have a faster moving component of polarizedlight, and the axis of the birefringent material may align with thefaster moving component of the polarized light, in one non-limitingexample. In some embodiments, the characterization angle may beperiodically recalibrated to account for changes in a birefringencecomponent of the optical fiber. In some embodiments, transmitting theoptical signal may further include embedding multiple calibrationsymbols in the expected pattern of polarization states to constructcalibration sequences for successive iterations of calibration. Thepolarization analyzer may receive the data indicative of the embeddedcalibration symbols and use the embedded calibration symbols torecalibrate the characterization angle.

In some embodiments, a polarization-based intrusion detection andmonitoring method may include receiving, by a first node, an expectedpattern of polarization states from a second node via an optical fiber.The expected pattern of polarization states may include aninitialization vector that includes a set of polarization angles to begenerated during a calibration procedure. A characterization angle maybe calculated for the optical fiber. Further, a polarize beam of lightmay be received from a second node. Data about the received polarizationstates may be extracted in a form of optical parameters. The opticalparameters may be compared to the characterization angle and an alertmay be generated based on deviations from the characterization angle.

In some embodiments, a fiber optic system may include an optical fiberand a transmission system. The transmission system may include a lasersource producing an optical signal of any wavelength, a polarizationmodulator, and a receiver system. The polarization modulator may receivethe optical signal generated by the laser source and encode informationinto the optical signal by providing changes in polarization state togenerate a polarized beam of light. The polarization modulator maytransmit the polarized beam of light to the optical fiber. The receiversystem may include a polarization analyzer and a processor. Thepolarization analyzer may receive the polarized beam of light from theoptical fiber and measure the optical parameters indicative of a set ofpolarization states of the polarized beam of light. The processor mayreceive the optical parameters and decode the information from theoptical parameters.

In one non-limiting example, the optical fiber may include a firstchannel and a second channel. The polarized beam of light may hop fromthe first channel to the second channel in the transmission system. Insome embodiments, the first channel and the second channel may beparallel optical fibers. In some embodiments, a first polarized beam oflight may include an encryption key and a second polarized beam of lightmay include secure data for transmission. The transmission system andthe receiver system may be synchronized to communicate the first andsecond polarized beams of light using a pattern of wavelengths. Thehopping of the polarized beam of light from the first channel to thesecond channel may be randomized, for example.

In one non-limiting example, the fiber optic system may include aplurality of optical fibers (e.g., optical fibers constructed ofbirefringent material). In this example, a plurality of wavelengths maybe used to transmit the polarized beam of light through the plurality ofoptical fibers. In one non-limiting example, a first wavelength of theplurality of wavelengths may be selected to transmit an encryption keyand at least a second wavelength of the plurality of wavelengths may beselected to communicate secure data.

In some embodiments, a method may include sharing a first initializationvector IV₀ between a first node and a second node using a multi-stagecryptography protocol. The first initialization vector IV₀ may include astring of transformations. A first bit stream of first information maybe passed from the first node to the second node using a single-stagecryptography protocol. The first bit stream may be encoded by the firstinitialization vector IV₀. Values of predetermined locations of bitswithin the first bit stream may be read and a transformation vectorindicative of the values may be stored. A second initialization vectorIV₁ may be generated using a predetermined algorithm and thetransformation vector. A second bit stream of second information may bepassed from the first node to the second node using a single-stagecryptography protocol. The second stream may be encoded with the secondinitialization vector IV₁.

In one non-limiting example, the string of transformations may representa string of polarization angles. In this example, passing the first bitstream from the first node to the second node may include polarizationencoding of the first bit stream with a polarization modulator and thestring of transformations.

In some embodiments, the first bit stream of the first information maybe passed from the first node to the second node over an optical fiber.The optical fiber may be constructed of a birefringent material, in onenon-limiting example. In some embodiments, the polarized beam of lightmay have at least two different polarization states indicative ofinformation encoded into the polarized beam of light. For example, insome embodiments, the at least two different polarization states mayinclude a horizontal polarization state and a vertical polarizationstate. In one non-limiting example, the polarized beam of light may bereceived from the optical fiber and optical parameters indicative of aset of polarization states of the polarized beam of light may bemeasured.

In some embodiments, the first bit stream may include a frame. The framemay have a first set of bits and a second set of bits. In onenon-limiting example, the first set of bits may be passed from the firstnode to the second node using a first angle of transformation sharedbetween the first node and the second node. The second set of bits maybe passed from the first node to the second node using a second angle oftransformation generated by the first node.

In some embodiments, the first bit stream and the initialization vectorare the same length. In some embodiments, data encoded into the firstbit stream and the initialization vector are of a different length. Inone non-limiting example, the first bit stream may include at least onefiller bit such that the first bit stream and the initialization vectorare of the same length. In another non-limiting example, the first bitstream includes at least two segments; each segment may have a similarlength as the initialization vector.

In some embodiments, a method may include transmitting a first messageby a first node. The first message may be generated by applying a firsttransformation α₀ to an initialization vector IV₀. The initializationvector IV₀ may include a string of transformations. A second message maybe received by the first node. The second message may be generated byapplying a second transformation β₀ to the first message. A thirdmessage may be transmitted by the first node. The third message may begenerated by applying a transpose complex conjugate of the firsttransformation α₀ to the second message and encoding a secret message ina form of X₀.

In some embodiments, the first transformation and the secondtransformation may refer to a set of array transformations of the samelength. Each value of the arrays may be used on one bit of the messageX₀ to be shared.

In some embodiments, a second initialization vector IV₁ may be generatedusing a fourth message. Additionally, a fifth message may be transmittedby the first node. The fifth message may be generated by applying afourth transformation α₁ to the second initialization vector IV₁. Thefirst initialization vector IV₀ and the second initialization vector IV₁may be of the same length, in one non-limiting example.

In some embodiments, the string of values of the first initializationvector IV₀ and the first transformation α₀ are of the same length. Insome embodiments, the first set of transformations α₀ and the first setof values of the initialization vector IV₀ are of a different length. Inone non-limiting example, the first set of transformations α₀ mayinclude at least one filler bit. In another non-limiting example, thefirst set of transformations α₀ may include at least two segments witheach segment having the same length as the first initialization vectorIV₀.

In some embodiments, a method for communicating between a first node andsecond node may include the second node receiving a first message fromthe first node. The first message may be generated by applying a firsttransformation α₀ to an initialization vector IV₀. The initializationvector IV₀ may include a string of transformations. A second message maybe transmitted by the second node to the first node. The second messagemay be generated by applying a second transformation β₀ to the firstmessage. A third message may be received by the second node. The thirdmessage may be generated by applying a transpose complex conjugate of α₀to the second message and encoding a secret message in a form of X₀. Thethird message may be decoded by applying a combination of a transposecomplex conjugate of IV₀ and a transpose complex conjugate of β₀ to thethird message, thereby forming decoded third message. In someembodiments, a second initialization vector IV₁ may be generated usingthe decoded third message. In one non-limiting example, theinitialization vector IV₀ and the second initialization vector IV₁ maybe the same length.

In some embodiments, a method for encoding a message may include passingthe message from a first node to a second node via a communication linkusing a multi-stage cryptography algorithm distributed between the firstnode and the second node. Applied circuitry within the first node andthe second node may include instructions for transmitting at least twooptical signal transmissions across the communication path and using anumber of independent transformations of polarization state of theoptical signal transmission by a combination of the first node and thesecond node at least equal to the number of optical signal transmissionacross the communication link. In one non-limiting example, theinitialization vector may be shared between the first node and thesecond node. The initialization vector may be a series of datarepresentative of linear polarization angles.

In some embodiments, a transmission system may include a laser source, apolarization modulator and a processor. The laser source may produce anoptical signal. The polarization modulator may receive the opticalsignal generated by the laser source. The processor may be configured toobtain an initialization vector IV₀ via a multi-stage cryptographyprotocol, and to provide control signals to the polarization modulatorto cause the polarization modulator to modulate polarization states intothe optical signal thereby encoding a message using the initializationvector IV₀ and a single-stage cryptography protocol. In certainnon-limiting examples, the initialization vector IV₀ includes a stringof transformations representing a string of polarization angles. Thetransmission system may also include a port sized and configured toreceive and support an optical fiber connector of an optical fiber, theport receiving the optical signal generated by the laser source andmodulated by the polarization modulator. In another example, thetransmission system may include a lens positioned inside a housinghaving an opening, the lens receiving the optical signal generated bythe laser source and modulated by the polarization modulator anddirecting the optical signal through the opening and away from thehousing. In certain non-limiting examples, the transmission system mayinclude a polarization analyzer configured to receive an optical signal,and measure optical parameters indicative of a set of polarizationstates of the optical signal; and wherein the processor may beconfigured to receive the optical parameters and derive aninitialization vector IV₁ based on the initialization vector IV₀ andcertain of the optical parameters.

It will be understood from the foregoing description that variousmodifications and changes may be made in the various embodiments of thepresently disclosed inventive concepts without departing from their truespirit. For example, polarization states can be set in a variety ofmanners using half-wave plates, polarization modulators and combinationsthereof. The description provided herein is intended for purposes ofillustration only and is not intended to be construed in a limitingsense. Thus, while the presently disclosed inventive concepts have beendescribed herein in connection with certain embodiments so that aspectsthereof may be more fully understood and appreciated, it is not intendedthat the presently disclosed inventive concepts be limited to theseparticular embodiments. On the contrary, it is intended that allalternatives, modifications and equivalents are included within thescope of the presently disclosed inventive concepts as defined herein.Thus the examples described above, which include particular embodiments,will serve to illustrate the practice of the presently disclosedinventive concepts, it being understood that the particulars shown areby way of example and for purposes of illustrative discussion ofparticular embodiments of the presently disclosed inventive conceptsonly and are presented in the cause of providing what is believed to bea useful and readily understood description of procedures as well as ofthe principles and conceptual aspects of the inventive concepts.

Changes may be made in the formulation of the various components andcompositions described herein, the methods described herein or in thesteps or the sequence of steps of the methods described herein withoutdeparting from the spirit and scope of the presently disclosed inventiveconcepts.

1. A fiber optic communication system comprising: an optical fiberconstructed of a birefringent material; a transmission systemcomprising: a laser source producing an optical signal having a firstpolarization state; a polarization controller having a polarizationmodulator receiving the optical signal generated by the laser source,the optical signal having a first polarization state, the polarizationmodulator receiving a series of control signals representing bits to beencoded into the optical signal by the polarization modulator, andproviding a plurality of changes in state of polarization of the opticalsignal from the first polarization state to original polarization statesthereby encoding the bits into the optical signal, and the polarizationmodulator outputting the optical signal having the original polarizationstates to the optical fiber; and a receiver system comprising: apolarization analyzer receiving the optical signal from the opticalfiber, the optical signal having a plurality of received states ofpolarization that are different from the original polarization statesdue to passing of the optical signal through the optical fiber, thepolarization analyzer measuring the received states of polarization andgenerating information indicative of the received states ofpolarization; and a processor receiving the information from thepolarization analyzer indicative of the received states of polarizationand applying a characterization angle to the received states ofpolarization to recover the original polarization states and the bitsencoded into the optical signal.
 2. The fiber optic communication systemof claim 1 wherein the received states of polarization are measured byoptical parameters.
 3. The fiber optic communication system of claim 2wherein the optical parameters include at least one of Stokes parametersand Jones' Matrix.
 4. The fiber optic communication system of claim 1,wherein the original states of polarization represent a message that isencoded within the optical signal.
 5. The fiber optic communicationsystem of claim 1, wherein a symbol contains at least one bit ofinformation.
 6. The fiber optic communication system of claim 1, whereinthe characterization angle includes at least one characterization angle,and wherein the polarization analyzer measures Stokes parametersindicative of the received states of polarization, and supplies theStokes parameters to the processor, the processor recovers the originalpolarization states by adjusting the received states of polarization asindicated by the Stokes parameters with at least one characterizationangle indicative of an axis of the birefringent material of the opticalfiber.
 7. The fiber optic communication system of claim 6, wherein theaxis of the birefringent material of the optical fiber has is a fastaxis and a slow axis, and wherein the optical signal has a first movingcomponent of polarized light travelling on the fast axis, and a secondmoving component of polarized light travelling on the slow axis, andwherein the fast axis of the birefringent material aligns with the firstmoving component of the polarized light, the first moving component ofthe polarized light travelling faster than the second moving componentof the polarized light.
 8. An optical communication method, comprising:receiving, by a second node, photons at a plurality of linear states ofpolarization, wherein the photons are initially injected by a first nodeinto and pass through a birefringent material of an optical fiber atoriginal linear states of polarization in a fiber optic communicationsystem, each original linear state of polarization representing a bit ofa bit stream, and recovering the original linear states of polarizationusing data indicative of a predetermined effective angle of an axis ofthe birefringent material of the optical fiber.
 9. (canceled)
 10. Anoptical communication method, comprising: injecting, by a first node, apolarized beam of light into an optical fiber, the polarized beam oflight having at least two different polarization states indicative ofinformation encoded into the polarized beam of light; receiving andanalyzing, by a second node, the polarized beam of light to determine aseries of states of polarization of the polarized beam of light, thesecond node being remote from the first node; and decoding theinformation encoded into the polarized beam of light using the series ofstates of polarization.
 11. The method of claim 10, wherein analyzing isdefined further as analyzing the polarized beam of light at specificinstants of time. 12-20. (canceled)
 21. The fiber optic communicationsystem of claim 1, where the optical fiber includes a first channel anda second channel, and wherein the optical signal hops the first channelto the second channel in the transmission system.
 22. The fiber opticcommunication system of claim 21, wherein the first channel and thesecond channel are parallel optical fibers.
 23. The fiber opticcommunication system of claim 21, wherein a first polarized beam oflight includes an encryption key and a second polarized beam of lightincludes secure data for transmission, wherein the transmission systemand the receiver system are synchronized to communicate the first andsecond polarized beams of light using a pattern of wavelengths.
 24. Thefiber optic communication system of claim 23, wherein the hopping of thepolarized beam of light from the first channel to the second channel israndomized.
 25. The fiber optic communication system of claim 1,comprising a plurality of optical fibers, wherein a plurality ofwavelengths are used to transmit optical signal through the plurality ofoptical fibers.
 26. The fiber optic communication system of claim 25,wherein a first wavelength of the plurality of wavelengths is selectedto transmit an encryption key and at least a second wavelength of theplurality of wavelengths is selected to communicate secure data. 27.(canceled)